Ransomware: What is it and how to prevent it

Date: 29 Apr 2016

By: Kurt Beaumont-Jones

Comment: Comments are off

29 April 2016

Ransomware has been appearing in the news more recently but what exactly is ransomware and how do we prevent it?

So here is how it works; once ransomware gets on the computer usually through an infected email or a Trojan horse attack, it will simply lock the user from the computer or their data in some way, demanding a sum of money to unlock the computer.

There are three stages of ransomware. The first being a simple ransomware in which pop-up banner ads are displayed claiming the user’s computer has an issue which can be fixed by clicking on the ad, clicking on the ad allows the ransomware access to the user’s computer, and a cost for any repairs.

The second type is transferred via infected emails or from visiting compromised websites and downloading files. These types of ransomware can be rather difficult to deal with as usually they will lock the user from accessing their operating system and display a message claiming to be from the police or FBI stating they have found explicit content and by paying the fee the computer will be unlocked and the user can avoid jail time.

The final type of ransomware is the type that will encrypt the entire system using a very strong 256-bit AES cipher encryption method (In simple terms, about as strong as encryption gets). The most common form of this is known as Cryptolocker which encrypts the entire system demanding £200+ in order to receive a decryption key. If the user doesn’t have adequate backups they can be facing a complete loss of access to all their encrypted data.

Ransomware may be a struggle to remove once installed but there are simple counter-measures users can take in order to protect themselves from ever being infected by them. Firstly, avoid clicking on any banner adverts that may appear when visiting websites. Next is too keep full regular backups of the system as this will allow you to restore your data if the computer is infected with a ransomware that encrypts your entire system. We suggest keeping both onsite and offsite backups, as taking the extra pre-caution can save the entire system. Finally, be sure to have an up to date anti-virus program. Make sure these programs run regular scans on your entire system, this may take some time but in the end could save the system from becoming infected. With all these counter-measures in place users should be at less risk from attack.